On Sep 18, 2013, at 3:27 PM, Kent Borg kentb...@borg.org wrote:
You foreigners actually have a really big vote here. All those US internet
companies want your business, and as you get no protections, in the current
scheme, not even lip-service, you should look for alternatives. As you do,
On Sat, Sep 21, 2013 at 05:07:02PM -0700, Patrick Pelletier wrote:
and there was a similar discussion on the OpenSSL list recently,
with GnuTLS getting blamed for using the ECRYPT recommendations
rather than 1024:
http://www.mail-archive.com/openssl-users@openssl.org/msg71899.html
GnuTLS
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 9/22/2013 2:23 PM, Jerry Leichter wrote:
On Sep 21, 2013, at 10:05 PM, d.nix wrote:
Hah hah hah. Uh, reading between the lines, color me *skeptical*
that this is really what it claims to be, given the current
understanding of things...
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- Original Message
Subject: Re: What is Intel® Core™ vPro™ Technology Animation
Date: Mon, 23 Sep 2013 05:56:48 +0200
From:
To: cypherpu...@cpunks.org
Security Evaluation of Intel's Active Management Technology
VASSILIOS VERVERIS
On 09/22/2013 01:07 AM, Patrick Pelletier wrote:
1024 bits is enough for anyone
That's a mischaracterisation I think. Some folks (incl. me)
have said that 1024 DHE is arguably better that no PFS and
if current deployments mean we can't ubiquitously do better,
then we should recommend that as
Tim,
With all due respect, most of the points you make are ridiculous.
Could you please explain why you think they are ridiculous.
For example, you point out that the certified C compiler will not
make any guarantees about code that relies on undefined behavior.
Well, of course! Being
On 9/21/13 at 5:07 PM, c...@funwithsoftware.org (Patrick
Pelletier) wrote:
I'm inclined to agree with you, but you might be
interested/horrified in the 1024 bits is enough for anyone
debate currently unfolding on the TLS list:
http://www.ietf.org/mail-archive/web/tls/current/msg10009.html
On Sep 21, 2013, at 10:05 PM, d.nix wrote:
Hah hah hah. Uh, reading between the lines, color me *skeptical* that
this is really what it claims to be, given the current understanding
of things...
http://www.intel.com/content/www/us/en/enterprise-security/what-is-vpro-technology-video.html
The
So we think there is 'some kind' of backdoor in a random number generator.
One question is how the EC math might make that possible. Another is how
might the door be opened.
I was thinking about this and it occurred to me that it is fairly easy to
get a public SSL server to provide a client with
On Sep 22, 2013, at 7:56 PM, d.nix wrote:
...If for example, the paper regarding manipulating the RNG circuit by
alternate chip doping is valid, then an adversary with deep pockets
and vast resources might well be able remotely target specific systems
on demand. Possibly even air gapped ones
Op 20 sep. 2013, om 14:55 heeft Phillip Hallam-Baker hal...@gmail.com het
volgende geschreven:
On Fri, Sep 20, 2013 at 4:36 AM, Dirk-Willem van Gulik di...@webweaving.org
wrote:
Op 19 sep. 2013, om 19:15 heeft Phillip Hallam-Baker hal...@gmail.com het
volgende geschreven:
Let us say
On 22/09/13 16:43 PM, Jerry Leichter wrote:
On Sep 20, 2013, at 2:08 PM, Ray Dillinger wrote:
More fuel for the fire...
http://rt.com/usa/nsa-weak-cryptography-rsa-110/
RSA today declared its own BSAFE toolkit and all versions of its
Data Protection Manager insecure, recommending that all
Patrick Pelletier c...@funwithsoftware.org writes:
I'm inclined to agree with you, but you might be interested/horrified in the
1024 bits is enough for anyone debate currently unfolding on the TLS list:
That's rather misrepresenting the situation. It's a debate between two
groups, the security
On 23/09/13 09:47, Peter Gutmann wrote:
Patrick Pelletier c...@funwithsoftware.org writes:
I'm inclined to agree with you, but you might be interested/horrified in the
1024 bits is enough for anyone debate currently unfolding on the TLS list:
That's rather misrepresenting the situation.
I think, if we are about redesigning and avoiding the failures of the
past, we have to unravel the false assumptions of the past...
On 20/09/13 01:21 AM, Phillip Hallam-Baker wrote:
...
Bear in mind that securing financial transactions is exactly what we
designed the WebPKI to do and it
Patrick == Patrick Pelletier c...@funwithsoftware.org writes:
On 9/14/13 11:38 AM, Adam Back wrote:
Tin foil or not: maybe its time for 3072 RSA/DH and 384/512 ECC?
I'm inclined to agree with you, but you might be interested/horrified
in the 1024 bits is enough for anyone debate currently
On 22/09/13 03:07 AM, Patrick Pelletier wrote:
On 9/14/13 11:38 AM, Adam Back wrote:
Tin foil or not: maybe its time for 3072 RSA/DH and 384/512 ECC?
I'm inclined to agree with you, but you might be interested/horrified in
the 1024 bits is enough for anyone debate currently unfolding on the
Peter Fairbrother zenadsl6...@zen.co.uk writes:
If you just want a down-and-dirty 2048-bit FS solution which will work today,
why not just have the websites sign a new RSA-2048 sub-certificate every day?
Or every few hours? And delete the secret key, of course.
... and I guess that puts you
18 matches
Mail list logo